Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 24 Apr 2014, 05:39
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Why I don't like running as root (in Puppy)
Post new topic   Reply to topic View previous topic :: View next topic
Page 5 of 9 [130 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, 7, 8, 9 Next
Author Message
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Wed 18 Jan 2006, 19:24    Post subject: in principle better  

or better still

Code:
#netstat -na -F inet


Embarassed ('t' missing) but in principle better

_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
Guest
Guest


PostPosted: Thu 19 Jan 2006, 01:25    Post subject:  

According to this, (second entry; WMF vulnerability) running as a user with limited NTFS rights doesn't prevent execution of malware. I don't really understand the explanation though.
Back to top
wayover13

Joined: 27 Feb 2006
Posts: 1

PostPosted: Mon 27 Feb 2006, 14:43    Post subject:  

This discussion seems to sort of miss an essential point (the poster observes, not having read the whole thread). Sure, someone should be able to operate as root on their own computer. Just as someone can drive their own car however they want, shoot their own gun, etc. Of course it should be borne in mind that people are expected to demonstrate a certain degree of mastery in those things before they can legally do them, and so a person running as root should have a certain degree of mastery (read: solid knowledge of how their computer works and, especially if they are on a network, what the vulnerabilites and dangers are). But again, this is a bit beside the point. The problem with Puppy is not that it runs as root by default: it obviously does that just fine. The problem is there is no way for users who do not want to run as root to do so: just as someone should be able to run as root if they choose (and hopefully they will have the necessary understanding to do so safely), so the user should have the choice of not running as root. The problem here is that Puppy provides no easy and effective way of doing so. That is a shortcoming of the distro, no matter how you cut it: it should be there for those who want it. The question of whether you should be "allowed" as a matter of principle to run as root is rather irrelevant to answering to the fact that Puppy has no easy and effective way to set up non-root users. Is any work being done on this?

James
Back to top
View user's profile Send private message 
flavour

Joined: 08 Sep 2005
Posts: 124
Location: Bicester, UK

PostPosted: Mon 27 Feb 2006, 16:36    Post subject:  

Quote:
the user should have the choice of not running as root. The problem here is that Puppy provides no easy and effective way of doing so. That is a shortcoming of the distro, no matter how you cut it: it should be there for those who want it. The question of whether you should be "allowed" as a matter of principle to run as root is rather irrelevant to answering to the fact that Puppy has no easy and effective way to set up non-root users.


This sums it up perfectly for me Smile
Whilst many (or even most) users are happy with the current approach, there are many others who would really like to widen the Puppy audience, but need RunAsNonRoot to be in-place first.

Quote:
Is any work being done on this?


I am little by little & some of this is being passed upstream into the main distro (e.g. it now includes sudo by default)

This, I believe, is how to start tackling it - fix the little errors in the system scripts which hardcode /root instead of $HOME
Include this in the guidelines on 3rd party packages.
Then get an option in the Universal Installer to RunAsNonRoot.
- liveCD can be left as-is (to now annoy those that like the current system), but an *option* in the installed versions (where it matters more)

Would be *great* to see this in the first release of Puppy2 Smile

F
Back to top
View user's profile Send private message 
flavour

Joined: 08 Sep 2005
Posts: 124
Location: Bicester, UK

PostPosted: Mon 27 Feb 2006, 16:41    Post subject:  

My work-in-progress HowTo is here:
http://wiki.inveneo.org/index.php/RunAsNonRoot

I got quite far in 1.07 but got stumped by SegFaults which I didn't manage to track down (happened just after running xorgwizard - whether selecting xvesa or xorg).

I will try again with 1.08 & be more persistent with tracking down the source of any SegFaults by putting debug statements into various possible files:
.xinitrc
xwin
xrdb -merge -nocpp ~/.Xresources
/usr/bin/autocutsel

F
Back to top
View user's profile Send private message 
Dyno Spoid


Joined: 05 Sep 2006
Posts: 37
Location: Milwaukee, Wisconsin, U.S.A.

PostPosted: Wed 06 Sep 2006, 11:07    Post subject: Running as Root is actually good  

Although I'm a security-crazed person, root user in Puppy seems the right way to go.

- Adding user accounts to Puppy and having everything work is a lot of work for the developers. It also increases size, complexity, and documentation requirements.

- Puppy works, right out of the box. I can do whatever I need. sudo or su works well for UN*X fans, but not Windoh!z fans. Ubuntu is popular for a reason-it works by putting in the CD. Same for Puppy.

- If something exploits Firefox, user files are accessable as root or generic user Spot. The OS is sort of unique, so scripts don't generally have the same effect.

There are some downsides:

- If you're not behind a firewall, AND you're running a server (messaging, Samba, etc.), you're at risk. Putting virus scanning and firewall software enable/disable in the Live CD startup would be great.

- root can mount anything, any time. Running off Live CD is great until you realize your NTFS partition can be whacked. Reinstalling Puppy on the hard drive is no problem (assuming your config files are backed up), but two days installing Windo--Boot Sector corrupted-please reinstsall Win#$@ [blue-screen], arrg! wrong Authentication #, rebooting, and all the software, AND the configurations for each application (which aren't easily exportable) is a pain.

Would I like user accounts? Yes.
Is it practical? No.
Do I love Puppy? You bet!
Back to top
View user's profile Send private message Yahoo Messenger 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 10691
Location: Arizona USA

PostPosted: Wed 06 Sep 2006, 12:47    Post subject:  

Puppy is so unique that a virus or worm which would work on another version of Linux might not make Puppy sick, and if Puppy is further customized for an application such as a server ...

Perhaps most of your objections to running Puppy as a public server connected to the internet can be dealt with by remastering Puppy as a server and then running it from a CD-ROM drive. Give it a hard reboot once an hour, say, to delete any malware that might have accumulated. If the server uses a static database, the whole thing could be put on a CD or DVD and run from a CD- or DVD- ROM drive.

_________________
Puppy Help 101 - an interactive tutorial for Lupu 5.25
Back to top
View user's profile Send private message 
GuestToo
Puppy Master

Joined: 04 May 2005
Posts: 4078

PostPosted: Wed 06 Sep 2006, 13:34    Post subject:  

it is not difficult to create new groups and or users ... a simple wizard could be written to do that

it is not difficult to run programs (like Firefox, Thunderbird, Sylpheed etc etc) as an unprivileged user, like spot

it would take lot of work to get Puppy to run as an unprivileged user so that it would run about the same as it does as root

mostly, a lot of the packages that were built for Puppy-running-as-root would have to be modified and rebuilt for Puppy-running-as-spot

see: http://www.murga.org/~puppy/viewtopic.php?t=10732
Back to top
View user's profile Send private message 
GuestToo
Puppy Master

Joined: 04 May 2005
Posts: 4078

PostPosted: Wed 06 Sep 2006, 13:39    Post subject:  

Apache must be started as root, and automatically runs as user "nobody" ... so it really does not make much difference if your shell is running as root or as spot, as far as the server is concerned

it is easy to run Puppy's tiny nullhttpd server (/root/ghttpd) as spot or as nobody ... i have a dotpup package that is a Rox appdir that will start/stop httpd as user nobody
Back to top
View user's profile Send private message 
Dyno Spoid


Joined: 05 Sep 2006
Posts: 37
Location: Milwaukee, Wisconsin, U.S.A.

PostPosted: Wed 06 Sep 2006, 14:10    Post subject: Puppy Server  

This is NOT targeting Flash or anyone else for a flame. 'You' is the generic reader.

Isn't everything a public server? Unless there is no possible route from a network to the Internet, I consider it potentially public.

Example: Your home MP3 server is wireless. Your neighbor (me) sniffs your WAP out, snorts 1 MB of data, cracks your WEP, adds my MAC address to the Permissible list (you did create one, right?), and changes your WAP password so you have no idea I added myself should something go wrong. You just think your password got typed in wrong initially and the reset button is the answer. Problem is, I'm not really your neighbor, but cracked his Windows box running NMAP and a Windows exploit script. You didn't notice me install a root kit on your laptop before I changed your WAP password back (since this is a public forum, I won't state where I got it from, but it's not extremely difficult to obtain), and now your laptop opens a port and finds me whenever you aren't looking. The great thing is you also use your laptop at work, where they don't use VPN or ssh connections to the server, so I can sniff all the data that even you don't have direct access to. Whatever is interesting gets compressed and sent over a HTTP request to a web server I cracked two years ago. What's interesting? The managerer's desktop, for one. Good thing it's a Windows box behind a corporate firewall--that makes it secure. Oh, except for your laptop being on the same network...

Okay, so most every computer can be considered connected to the Internet. What about hourly reboots? If I invite some friends for a party, do I want my music stopping every hour? Not practical. What about leaving all the MP3s on DVD with the OS? They don't need to be written to, but what happens when I want to save a new one I bought today so I can play it later? Remaster the DVD-RW in another computer and put it back on the server drive? Have compact flash in the server and burn a new DVD when that fills up? Possibly...

The solution I've come up with is to use Puppy and ssh to access a server with user accounts, where the MP3_Player group can only read, normal users can read/add, and admins can remove +previous. For connection from Windows-like boxes, Samba runs in a Virtual Machine environment on the server, meaning Samba gets to run on it's own computer (virtually). So if Samba is hacked, it still can't write to the file server, because the Samba machine has a read-only mount as defined by the file server, not the Samba server. Since Samba runs on a VM, the VM can be defined as an appliance, meaning every time it's restarted it starts fresh.

We can't expect Puppy to do all this and still be Puppy. I think the authors did a great job on keeping things small and fast. If you (again, a generic 'you') need more, try hand-rolling Gentoo into what you need. It can be fast, small, and exactly what you need, even booting off USB Flash drives and PXE. However, you now have to take the time to roll it, where as Puppy is working and stable. The same goes for hand-rolling a WAP appliance, which is even funner. Did you know the new ones support external USB hard drives and CF? Yes, that means a full server with a network switch, 5 ethernet ports, wireless networking, printer, and without any moving components (other than the printer) and consuming only 5 watts of power. Maybe you can get it to use 15 watts if you really push it.
Back to top
View user's profile Send private message Yahoo Messenger 
Q

Joined: 10 Jul 2006
Posts: 62

PostPosted: Wed 04 Oct 2006, 00:09    Post subject:  

Question for Kernel experts and developers.
whats your thought about this:
http://it.slashdot.org/it/06/10/03/2122220.shtml

2 comments I liked:
Quote:

Whether this is a show-stopper or not, it's a great example of what can happen with tons of eyeballs on a project. This is the type of bug that proprietary vendors would suffer to discover with such limited resources on a single project. It makes me wonder how often proprietary kernels are retooled *after* a flaw has been found in a similar OSS product.

and the other one not just because it was funny but canny Twisted Evil
Quote:

OMFG! I have a security flaw... but you have to be _root_ to execute it! AHHHHH It's the end of the world!

I discovered a new one too... if you run rm -rf / as root you'll bork your system!

We should all go back to windows, where rm doesn't exist ^_^
Surprised
Back to top
View user's profile Send private message 
Gn2


Joined: 16 Oct 2006
Posts: 936
Location: virtual - Veni vidi, nihil est adpulerit

PostPosted: Mon 23 Oct 2006, 04:34    Post subject:  

To root at length -on these matters, or not - is the question:

Puppy- Esp. live - is configured to do what it does and do it well with the very minimum of user intervention

Most of above reflect very specific concerns - many of which do not exist running a liveCD (RAM)

When granting users access to client services > Puppy use is then trying to fill the role of a server

IMHO that is outside the goals of the originator
Back to top
View user's profile Send private message 
BonaPon

Joined: 03 Mar 2007
Posts: 1

PostPosted: Sat 03 Mar 2007, 16:28    Post subject:  

I've been setting up a box for a person who doesn't even know how to use a mouse. Do I want that person having super powers?
That is why I want to set up an account for him and have him log in as an ordinary user. I don't wan't to be constantly at his place to repair his box.
Back to top
View user's profile Send private message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 10691
Location: Arizona USA

PostPosted: Mon 05 Mar 2007, 00:03    Post subject:  

Let us know how it works out, BonaPon. I suspect you'll have to help your friend a lot either way. You could give him a remastered CD to boot from, preconfigured with the applications and settings as he wants it.
Back to top
View user's profile Send private message 
paulsiu

Joined: 16 Jan 2007
Posts: 187

PostPosted: Tue 06 Mar 2007, 15:31    Post subject:  

I am jumping into this conversation late. I have a technical background but is not an expert in security or Linux, but I’ll throw in my two cent:

Puppy Linux seems to be a throwback to the earlier days of computing. Early OS like DOS, Macintosh OS, and Windows (pre-XP) were really single user machines. When you turn on the computer, it booted directly into the desktop and gives the user full permission to everything. There was no concept of user accounts.

Linux, which follows the UNIX model, comes from the corporate world where security is necessary. Everyone has to login so that some nobody off the street can’t steal data by switching the computer on. Access may be placed to prevent employee from seeing personal data on another employee or to install new programs that may crash the system. On such a system, there is usually a separate group call the administrators that have full rights to the system. All other users have only limited rights.

While Puppy is a Linux derivative, the designer chose to use a simple model where everyone boots into root. The advantage of this system is that everything is simpler. On other Linux systems, you have to login as admin to install software. You may have get errors because you the permission didn’t allow you to mount a device or connect to X-window. What you do give up in exchange is security.

For example, suppose you run a Trojan horse program by accident, such as when you launch an attachment, or click on a popup that deposits a program on your drive. If you run as root, the malicious program has full permission to attack everything. If you run as a limited user, you can trash your user files, but the rest of the system is safe.

Keep in mind that you’re probably OK for now. Most of the virus only target windows, so if some popup deposit a DLL on your drive or cause you to run a windows program, nothing will happen. I would not however, use Puppy as a server that may contain sensitive data.

I’ll be real careful about running Wine, or if you have a dual boot where the virus may be able to infect your DOS partition. If Linux becomes really popular, and we start seeing Linux computer viruses, then I would worry.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 5 of 9 [130 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, 7, 8, 9 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1031s ][ Queries: 12 (0.0191s) ][ GZIP on ]